Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
File: okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft (raw, json)
Hash identifier: GNeth48P1PvLWV50+Rpp1AIsMHA/1EuN/FZWwl0oiSU=
Subject key identifier: 80:86:43:C5:3B:C2:0E:05:3E:92:A3:69:20:E1:81:34:3E:B6:6E:7C
Authority key identifier: A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
Certificate issuer: /CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Certificate serial: 0197485536246373377F321BBEE382EC6227
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
Manifest number: 32
Signing time: Sat 07 Jun 2025 03:00:33 +0000
Manifest this update: Sat 07 Jun 2025 03:00:33 +0000
Manifest next update: Sun 08 Jun 2025 03:00:33 +0000
Files and hashes: 1: dV2LrBjIlql28uwMDcJVQI6s6A8.roa (hash: F8uj/t68nQ3cbE2EUpzLNyfLklCyKLVmpdDgkWw1Qw4=)
2: okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl (hash: SLou+S44tXxqaFEbSywBW5AG1xX/kSO9Taj9soIySsY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 03:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:48:55:36:24:63:73:37:7f:32:1b:be:e3:82:ec:62:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24357be1958796b12c42b4f4cac51b83de8fd2b
Validity
Not Before: Jun 7 03:00:33 2025 GMT
Not After : Jun 8 03:00:33 2025 GMT
Subject: CN=808643c53bc20e053e92a36920e181343eb66e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:25:1f:4a:08:26:f3:30:26:2a:fd:f3:ab:75:
5e:87:d3:22:14:fa:35:5f:b4:f1:d3:93:1b:29:4e:
cf:49:0a:c6:5b:37:49:79:65:22:63:b8:d0:f6:a3:
e5:45:a8:4d:c2:ef:dd:0d:99:ca:3b:f1:8e:57:a2:
c6:ab:8f:26:e4:a5:0a:2e:99:1a:f9:8b:fe:66:87:
9d:e1:29:92:10:9e:68:e6:bc:20:16:1f:2c:59:9d:
0d:ad:fe:b2:5a:cc:a7:48:44:dd:ea:9c:f0:aa:99:
50:75:3f:98:2d:47:1a:7d:1c:87:c6:c3:7a:46:22:
59:49:95:f0:69:42:0d:6a:d5:61:b1:f9:71:1e:98:
4e:3f:8c:b2:00:65:90:e2:42:dc:ab:b1:f0:84:29:
9d:ec:b7:26:f8:fb:55:f8:0c:b0:43:3a:0a:27:c4:
d4:ca:aa:0a:c9:e2:f1:c4:da:77:bd:5a:cd:b5:2b:
fb:1a:73:00:0b:a8:aa:d7:84:d8:83:b1:13:fe:fc:
0a:7c:1d:5d:da:80:77:99:1a:36:a6:bf:d9:93:91:
6b:44:0a:aa:1a:b0:21:c4:ee:d3:f3:a6:f3:cd:68:
79:b1:0e:cb:60:ef:6e:70:37:16:2b:9e:bd:d0:e9:
ab:e6:b3:72:43:fb:62:d7:50:b8:10:55:fa:61:b9:
67:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:86:43:C5:3B:C2:0E:05:3E:92:A3:69:20:E1:81:34:3E:B6:6E:7C
X509v3 Authority Key Identifier:
keyid:A2:43:57:BE:19:58:79:6B:12:C4:2B:4F:4C:AC:51:B8:3D:E8:FD:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okNXvhlYeWsSxCtPTKxRuD3o_Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3738e7-c928-4141-9cec-3f3cc1e573fd/1/okNXvhlYeWsSxCtPTKxRuD3o_Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
be:40:9f:a8:54:a1:8d:21:4d:e9:9b:94:8a:1d:3f:80:f5:4d:
d1:73:f4:ec:59:3b:ba:dc:46:0c:55:33:55:4c:98:f5:6b:4d:
d3:47:09:a8:47:37:fb:eb:c1:4c:81:13:75:45:7f:0d:7f:b8:
71:6d:bb:60:ee:86:6e:7c:2e:fc:ec:d5:18:b1:ea:fa:dd:65:
b1:08:17:b3:6f:43:18:80:35:8b:26:e8:53:c3:43:8f:72:02:
7b:38:8a:70:aa:b8:94:42:55:91:6b:1d:9a:e2:03:da:bd:a3:
ca:16:42:08:a4:d8:17:ce:f2:17:1f:7b:dc:03:a6:2f:dc:13:
d2:a7:b1:e8:8a:7b:46:c4:70:83:ad:50:d7:53:21:06:89:f2:
6a:62:12:35:bb:ea:65:83:f2:e5:79:10:9b:7c:b8:7c:6b:a9:
12:e5:10:b9:9d:a9:a9:91:7f:24:7b:07:28:44:26:01:13:6b:
82:1c:a7:b7:9e:bc:7d:d1:f8:f8:c7:8d:4f:11:7d:6e:74:12:
1a:15:03:24:34:46:5c:ee:00:e5:40:a4:33:bc:9d:42:c8:c1:
f0:8d:8f:ae:50:c2:14:8e:b4:7e:15:8f:62:46:40:d4:b6:46:
69:75:4b:dc:8e:16:f5:e3:83:9d:40:5a:d9:f8:f6:56:b1:eb:
8a:a5:14:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIVTYkY3M3fzIbvuOC7GInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNDM1N2JlMTk1ODc5NmIxMmM0MmI0ZjRjYWM1MWI4M2Rl
OGZkMmIwHhcNMjUwNjA3MDMwMDMzWhcNMjUwNjA4MDMwMDMzWjAzMTEwLwYDVQQD
Eyg4MDg2NDNjNTNiYzIwZTA1M2U5MmEzNjkyMGUxODEzNDNlYjY2ZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSUfSggm8zAmKv3zq3Veh9MiFPo1
X7Tx05MbKU7PSQrGWzdJeWUiY7jQ9qPlRahNwu/dDZnKO/GOV6LGq48m5KUKLpka
+Yv+Zoed4SmSEJ5o5rwgFh8sWZ0Nrf6yWsynSETd6pzwqplQdT+YLUcafRyHxsN6
RiJZSZXwaUINatVhsflxHphOP4yyAGWQ4kLcq7HwhCmd7Lcm+PtV+AywQzoKJ8TU
yqoKyeLxxNp3vVrNtSv7GnMAC6iq14TYg7ET/vwKfB1d2oB3mRo2pr/Zk5FrRAqq
GrAhxO7T86bzzWh5sQ7LYO9ucDcWK5690Omr5rNyQ/ti11C4EFX6YblnGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICGQ8U7wg4FPpKjaSDhgTQ+tm58MB8GA1UdIwQY
MBaAFKJDV74ZWHlrEsQrT0ysUbg96P0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMt
M2YzY2MxZTU3M2ZkLzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zNzM4ZTctYzkyOC00MTQxLTljZWMtM2YzY2MxZTU3M2Zk
LzEvb2tOWHZobFllV3NTeEN0UFRLeFJ1RDNvX1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvkCfqFSh
jSFN6ZuUih0/gPVN0XP07Fk7utxGDFUzVUyY9WtN00cJqEc3++vBTIETdUV/DX+4
cW27YO6Gbnwu/OzVGLHq+t1lsQgXs29DGIA1iyboU8NDj3ICeziKcKq4lEJVkWsd
muID2r2jyhZCCKTYF87yFx973AOmL9wT0qex6Ip7RsRwg61Q11MhBonyamISNbvq
ZYPy5XkQm3y4fGupEuUQuZ2pqZF/JHsHKEQmARNrghynt568fdH4+MeNTxF9bnQS
GhUDJDRGXO4A5UCkM7ydQsjB8I2PrlDCFI60fhWPYkZA1LZGaXVL3I4W9eODnUBa
2fj2VrHriqUU3A==
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:25:19 2025 by rpki-client